How to stop people spoofing your domain in emails?

Discussion in 'Networking & Security' started by Jay_2, Sep 4, 2008.

  1. Jay_2

    Jay_2 2[H]4U

    Messages:
    3,583
    Joined:
    Mar 20, 2006
    I am in the process of setting up an SPF record, we have full rDNS setup and its related to our domin name (eg rDNS to ip 1.1.1.1 = outmail.ourdomain.com)

    Is there any other ways to stop people spamming and spoofing your domain name? eg people are sending mail with tirtoiroti@mydomain.com as the sender. The problem is that loads of mail server just send me spam notification even though the header clearly shows its from a server in japan and nothing to do with our server.
     
  2. XOR != OR

    XOR != OR [H]ardForum Junkie

    Messages:
    11,549
    Joined:
    Jun 17, 2003
    Also known as "joe-jobbing". No, there isn't a way. The receiving servers would have to drop all mail from your domain if it didn't meet certain criteria. Emphasis on receiving servers, as in ones you don't control.

    Sucks, but there you go.
     
  3. Jay_2

    Jay_2 2[H]4U

    Messages:
    3,583
    Joined:
    Mar 20, 2006
    its stupid really. Why don't they just look up the rDNS for the sending host?
     
  4. goodcooper

    goodcooper [H]ardForum Junkie

    Messages:
    9,771
    Joined:
    Nov 4, 2005
    it's just an arbitrary header value, you can put anything in there you want... Yet another fatal flaw of the current email system... It is my opinion that email system in general needs a complete security overhaul... There is just too much going on tho... Impossible to standardize at this point
     
  5. XOR != OR

    XOR != OR [H]ardForum Junkie

    Messages:
    11,549
    Joined:
    Jun 17, 2003
    Because that doesn't always indicate a spammer. I'd say only about half the hosts I receive legitimate email from don't have rdns records.
     
  6. Jay_2

    Jay_2 2[H]4U

    Messages:
    3,583
    Joined:
    Mar 20, 2006
    Well they should becuase now the other half are paying the price for it.
     
  7. DaveEhm

    DaveEhm [H]Lite

    Messages:
    104
    Joined:
    Jun 18, 2008
    I once believed that smtp hosts should have a certificate verifying their validity tied to their ip/hostname. But there's no way to enforce that, especially with how easy it is for anyone to set up their own smtp server and blast spam.

    Not to mention no matter the advances made, compliance is another issue.